E-Commerce Security and Fraud Protection
Learning Objectives
1. Understand the importance and scope of security of information systems for EC.
2. Describe the major concepts and terminology of EC security.
3. Learn about the major EC security threats, vulnerabilities, and technical attacks.
4. Understand Internet fraud, phishing, and spam.
5. Describe the information assurance security principles.
6. Identify and assess major technologies and methods for securing EC access and communications.
by hackers
Copyright © 2012 Pearson Education 9-10
The Information Security Problem
Internet underground economy: e-markets for stolen information, made up of thousands of websites that sell credit card numbers, social security numbers, and other data such as bank account numbers, social network IDs, passwords, and much more.
Darknet: a separate Internet that can be accessed by members only; it uses different protocols and is not accessible by search engines.
The Internet Silk Road
Keystroke logging (keylogging): using a device or software program that tracks and records the activity of a user in real time by the keyboard keys they press.
The Dynamic Nature of EC Systems and the Role of
Insiders
The Sophistication of the Attacks